Posted
by
Soulskillon Friday July 22, 2011 @04:59PM
from the good-thing-they're-so-easy-to-replace dept.

Trailrunner7 writes "Security researcher Charlie Miller, widely known for his work on Mac OS X and Apple's iOS, has discovered an interesting method that enables him to completely disable the batteries on Apple laptops, making them permanently unusable, and perform a number of other unintended actions. The method, which involves accessing and sending instructions to the chip housed on smart batteries, could also be used for more malicious purposes down the road. Miller discovered the default passwords set on the battery at the factory to change the battery into unsealed mode and developed a method that let him permanently brick the battery as well as read and modify the entire firmware. 'You can read all the firmware, make changes to the code, do whatever you want. And those code changes will survive a reinstall of the OS, so you could imagine writing malware that could hide on the chip on the battery. You'd need a vulnerability in the OS or something that the battery could then attack, though,' Miller said."

If it's a problem at Apple then it's a problem with a number of other hardware devices that use the same battery controllers, so your windoze laptops isn't safe either. Someone could also hack my Logitech Mouse and brick it too, or any number of peripherals that have upgradeable firmware, like my router, printer, keyboard, the list goes on.